Hacker News
by chii 1509 days ago
It might be that it took this amount of time to establish the facts of the events. If they recounted an incorrect version early, it might do more damage than not telling it.

I don't know if the GitHub disclosure "includes" Heroku's disclosure: https://github.blog/2022-04-15-security-alert-stolen-oauth-u... - but it was at least April 15th - close-ish to when the event occurred.

1 comments

Is it ever true that earlier indications that credentials should be rotated lead to worse outcomes, though, as just one example?

I'm sure I've received emails of the form: we suspect there may have been a breach, so we're forcing password resets, and have always taken that fine.